<?php if (!defined('BASEPATH')) exit('No direct script access allowed'); // Stop immediately when BASEPATH is undefined, i.e. the file was requested directly rather than loaded by the application bootstrap (presumably CodeIgniter's front controller).
/**
 * Author: ThanhTV
 * Email: thanhtran@vietnambiz.com
 * Date create: Tue, 05/04/2011
 */
require_once('admin_controller' . EXT);

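/**
 * Admin-only user management controller.
 *
 * Lists, creates, edits, enables/disables and deletes rows in tbl_users, and
 * lets the logged-in administrator change their own password. Every action is
 * gated by the role check in the constructor (session roleid must be 1).
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5, which is
 * not a password hash. Moving to password_hash()/password_verify() needs a
 * coordinated change in the login code and the stored values, neither of which
 * is visible in this file, so the scheme is flagged here rather than replaced.
 *
 * NOTE(review): no anti-CSRF token is checked in any action of this class;
 * confirm that admin_controller or the framework configuration provides one,
 * because every action here changes account state.
 */
class User extends admin_controller
{
    // View data shared by all actions; the constructor fills "all_users".
    var $data = array();

    /**
     * PHP4-style constructor: authorises the request, then loads the user
     * model, the Message library and the full user list.
     *
     * NOTE(review): PHP 8 no longer treats a method named after the class as a
     * constructor. If this code is ever run there, the role check below would
     * not execute on instantiation — convert to __construct() together with
     * admin_controller when upgrading.
     */
    function User()
    {
        parent::admin_controller();

        // Authorise first so an unprivileged request never triggers the
        // user-table query below. A missing session key fails closed.
        if (!isset($_SESSION["login"]["roleid"]) || (int) $_SESSION["login"]["roleid"] !== 1) {
            echo "<font color='red'>No permission</font>";
            die;
        }

        $this->load->model(array("user_model"));
        $this->load->library('Message');

        $this->data["all_users"] = $this->user_model->get_all_users();
    }

    /**
     * Renders the user index page inside the admin layout.
     */
    function index() {

        $this->data["tpl_view"] = 'user/index';
        $this->load->view('admin_layout', $this->data);
    }

    /**
     * Renders the bare user list view (no layout).
     */
    function list_users() {

        $this->load->view('user/list', $this->data);
    }

    /**
     * Creates a user from the posted form; on GET, or when the insert fails,
     * renders the add form.
     *
     * Responds "yes" on success and "no" when the username or password is
     * missing.
     */
    function add() {

        if ($_SERVER["REQUEST_METHOD"] == "POST") {

            $username = $this->input->post('username');
            $password = $this->input->post('password');

            // Without this guard a blank form would create an account whose
            // stored password is md5(''), i.e. an account with an empty password.
            if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
                die('no');
            }

            $data_in = array();
            $data_in["user"] = $username;
            // NOTE(review): unsalted MD5 — see the class comment.
            $data_in["pass"] = md5($password);
            $data_in["mail"] = $this->input->post('email');
            $data_in["roleid"] = $this->input->post('role');
            $data_in["status"] = $this->input->post('status');

            $re = $this->db->insert('tbl_users', $data_in);

            if ($re) {
                die("yes");
            }
        }

        $this->load->view('user/add', $this->data);
    }

    /**
     * Updates the user named by the posted "edit_id"; on GET, or when the
     * update fails, renders the edit form for $id.
     *
     * @param int $id User id whose details are shown in the form.
     */
    function edit($id=0) {

        if ($_SERVER["REQUEST_METHOD"] == "POST") {

            // assumes userid is a positive integer, as the $id default of 0 suggests
            $edit_id = (int) $this->input->post('edit_id');
            if ($edit_id <= 0) {
                die('no');
            }

            $data_in = array();
            $data_in["user"] = $this->input->post('username');
            $data_in["mail"] = $this->input->post('email');
            $data_in["status"] = $this->input->post('status');

            // The role used to be forced to "1" on every edit. The constructor
            // treats roleid 1 as the only role allowed into this controller, so
            // saving any account silently granted it that role. Now the stored
            // role is kept unless the form explicitly posts one.
            $role = $this->input->post('role');
            if (is_string($role) && $role !== '') {
                $data_in["roleid"] = $role;
            }

            // An empty password field means "leave the password unchanged".
            $pass = $this->input->post('password');
            if (!empty($pass))
            {
                // NOTE(review): unsalted MD5 — see the class comment.
                $data_in["pass"] = md5($pass);
            }

            $re = $this->db->where('userid', $edit_id)->update('tbl_users', $data_in);

            if ($re) {
                die("yes");
            }
        }
        $this->data["user_info"] = $this->user_model->get_user_info($id);
        $this->load->view('user/edit', $this->data);
    }

    /**
     * Sets the status of one or more users (POST only).
     *
     * Reads "mode" (new status) and "user_id" (a single id or a list of ids)
     * and echoes the mode back on success, or "no" when the input is unusable.
     */
    function change_status() {

        if ($_SERVER['REQUEST_METHOD'] == 'POST') {

            $active = $this->input->post('mode');

            // Keep only positive integer ids so an empty or malformed list can
            // never reach the WHERE ... IN clause.
            // assumes userid is numeric, as edit()'s $id default of 0 suggests
            $user_ids = array();
            foreach ((array) $this->input->post('user_id') as $raw_id) {
                if (is_scalar($raw_id) && (int) $raw_id > 0) {
                    $user_ids[] = (int) $raw_id;
                }
            }

            if ($active === FALSE || !is_scalar($active) || empty($user_ids)) {
                die('no');
            }

            $this->db->where_in('userid', $user_ids);
            $this->db->update('tbl_users', array('status' => $active));

            // The posted value is echoed back, so encode it for HTML instead of
            // writing request data into the response verbatim.
            die(htmlspecialchars((string) $active, ENT_QUOTES, 'UTF-8'));
        }
    }

    /**
     * Changes the logged-in user's own password; on GET, or when the update
     * fails, renders the change-password form.
     *
     * Responds "yes" on success or a plain-text error message.
     */
    function change() {

        if ($_SERVER["REQUEST_METHOD"] == "POST") {

            $old_raw = (string) $this->input->post('old_pass');
            $new_raw = (string) $this->input->post('new_pass');
            $con_raw = (string) $this->input->post('con_pass');

            // Strict comparison: with == / != two different hex digests that
            // both look like "0e<digits>" are compared as numbers and match.
            // NOTE(review): unsalted MD5 kept in the session — see the class comment.
            if (md5($old_raw) !== (string) $_SESSION["login"]["pass"]) {
                die('Old password incorrect!');
            }

            // Compare the submitted strings themselves rather than their digests.
            if ($new_raw !== $con_raw) {
                die('New password & confrim not match!');
            }

            // Two blank fields match each other; refuse to store md5('').
            if ($new_raw === '') {
                die('New password must not be empty!');
            }

            $data_in = array();
            $data_in["pass"] = md5($new_raw);

            $re = $this->db->where('userid', $_SESSION["login"]["id"])->update('tbl_users', $data_in);

            if ($re) {
                // Keep the session copy in step so the next change validates
                // against the new password.
                $_SESSION["login"]["pass"] = $data_in["pass"];
                die("yes");
            }
        }

        $this->load->view('user/change', $this->data);
    }

    /**
     * Deletes the user with the given id through user_model::del_user() and
     * responds "yes" or "no".
     *
     * NOTE(review): the request method is not checked here, unlike the other
     * state-changing actions, so a plain link or image request can presumably
     * trigger a deletion — consider requiring POST plus a CSRF token once the
     * calling views are updated.
     *
     * @param mixed $id User id, passed to the model unchanged.
     */
    function del($id) {

        if (!$this->user_model->del_user($id)) {
            die('no');
        }
        die('yes');
    }

}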